Candace Shamieh
Erica Ho
Alex Guo
Marlisa Gashaj
Modern websites have become increasingly reliant on third-party applications and open source tools to deliver functionality and enhance the user experience. However, this reliance introduces both security and privacy risks, as external code can act as a vector for sophisticated attacks, such as Magecart and web skimming. Without visibility into these apps and tools, organizations are left vulnerable to undetected threats, unauthorized data access, and regulatory violations.
To help you monitor your entire client-side stack—including third-party scripts, tags, externally loaded code, libraries, and integrations—Datadog has partnered with Reflectiz, a web exposure monitoring platform. With the Reflectiz offering in the Datadog Marketplace, you can detect, investigate, and mitigate client-side threats targeting your website and its users.
In this post, we'll discuss how the Reflectiz integration with Datadog helps you investigate security threats in real time and assess your site’s overall web exposure risk.
Detect web skimming, script misuse, and client-side threats in real time
Once you install the integration, Reflectiz security and privacy alerts will start reporting into Datadog as logs and metrics. The alerts populate in the Web Exposure Alerts dashboard, enabling you to review their category, severity, and status. You can also detect whether the alert was triggered by misconfigurations or suspicious activity, including web skimming, script misuse, and unauthorized data collection. If you need mitigation guidance, you can pivot directly from the alert to the Reflectiz platform for clear, actionable steps to help you address the threat.
Each alert is enriched with context and mapped to the application’s underlying host. This makes it easier to connect risk signals to the affected systems. By correlating the alert’s information with relevant infrastructure metrics in the Datadog app, you can identify whether high-risk third-party activity is impacting business-critical services and assess the severity of the impact in real time.
For example, let’s say you receive an alert reporting that an unapproved tracking pixel has been embedded on the checkout page. Navigating to the Web Exposure Alerts dashboard, you click on the alert to identify the script responsible for loading the pixel. You review the script’s metadata, including the source domain, destination domain, and the actions that triggered the alert, such as accessing form fields or initiating outbound calls.
To investigate further, you cross-reference the script’s destination domain against your organization’s allowlist. This enables you to confirm that the script is transmitting form field data to an unauthorized endpoint. Since the alert is linked to the underlying host in Datadog, you also check for any related performance degradation or broader system impact so you can escalate accordingly. You then proceed to block the script to immediately stop data exfiltration and prevent any further exposure of sensitive customer information.
Track and benchmark web exposure risk across environments
In addition to detecting threats in real time, the Reflectiz integration helps you prevent future security issues by tracking the overall risk exposure for your website, application, and domain. Through its Exposure Rating system, Reflectiz calculates your ratings based on several factors, including page type, application actions, and domains interacted with. For example, the Exposure Ratings system deems login and checkout pages as high-risk while considering standard informational pages to be safer.
By using the out-of-the-box Web Exposure Rating dashboard in Datadog, you can monitor Reflectiz exposure ratings over time, benchmark your scores against industry peers, and proactively identify areas for improvement.
This visibility helps security teams focus their efforts, compare risk posture across environments, and reduce exposure by learning from both internal data and industry trends. Because Reflectiz alerts are reported in Datadog, you can correlate exposure ratings with your telemetry data. This enables you to understand whether poor scores are associated with specific services and then prioritize improvements accordingly.
For example, let's say a security analyst notices that the exposure score for their organization’s patient portal has dropped significantly. Using the Reflectiz Web Exposure Rating dashboard, they review the related infrastructure metrics and notice elevated error rates and increased CPU usage on the application’s host around the same time that the exposure score dropped. Following the link to the Reflectiz platform, they discover that a recently added third-party chat widget was flagged for using an outdated JavaScript library. After removing the widget, the exposure rating increases and infrastructure metrics return to expected levels, confirming that the issue is resolved.
Extend observability to the client-side stack with Reflectiz and Datadog
With Reflectiz and Datadog, you can view real-time security and privacy alerts alongside infrastructure metrics, track website exposure trends over time, and investigate threats directly in the Datadog platform. By combining Datadog’s full-stack observability with Reflectiz’s specialized web risk monitoring, you can proactively detect and respond to client-side risks before they become incidents.
You can get started with the Reflectiz integration by purchasing a license or starting a 14-day free trial in the Datadog Marketplace. If you don’t already have a Datadog account, you can sign up for a free trial today.
The ability to promote branded marketing tools like Reflectiz is available through the Datadog Partner Network. If you’re interested in developing an integration or application that you’d like to promote, you can contact us at marketplace@datadog.com.
